Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2010-0395

CVE information

Published

12 years ago

Last Modified

7 months ago

CVSSv2.0 Severity

High

Impact Analysis

Description

OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed..

CVSSv2.0 Score

Severity
High
Base Score
9.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
  Yes
- -
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
  Yes
2.0.0 3.2.1